Mailchimp
Not subscribed to OpsMatters Newsletter
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Latest posts
Saudi Aramco data breach: A reminder to start monitoring RPIs
On June 23, 2021, threat actors reported that they had stolen a terabyte of data from Saudi Aramco, a state-owned oil company in Saudi Arabia. The threat actors released samples of data they had procured after redacting critical information. They also claimed to have detailed information on Aramco’s employees, such as their full names, photographs, passport scans, emails, phone numbers, residence permit (Iqama card) numbers, job titles, employee ID numbers, and family information.
Detectify, an ethical hacker powered EASM solution.
Hacking yourself is the only way to protect your attack surface Explore the full breadth and depth of your external attack surface with Detectify. Find out what Internet-facing assets you're exposing, how to fix their vulnerabilities and anomalies, and accurate guidance on what you should improve and prioritize first.
How single sign-on fits into your enterprise security framework
Single sign-on, or SSO, is a valuable addition to your enterprise security arsenal. It doesn’t protect against every threat, but it can reduce your attack surface, lower IT costs, and provide a better login experience for your employees.
Cyber Essentials Update 2022 - what you need to know
In what is being described as the most significant update to the scheme since it launched in 2014, the National Cyber Security Centre (NCSC) has announced that the technical controls for Cyber Essentials and Cyber Essentials Plus will be updated as of 24th January 2022. The change is to bring the scheme in-line with the evolving cyber security challenges that organisations now face, particularly around the adoption of cloud services and hybrid working.
Better Together: The Power of Managed Cybersecurity Services in the Face of Pressing Global Security Challenges
The results from the 2021 Global Security Attitude Survey paint a bleak picture of how organizations globally are feeling about the cybersecurity landscape before them. Organizations are grappling with shortages of cybersecurity skills and a lack of capability to detect and contain intrusions in a timely way.
CVE-2022-0185: Detecting and mitigating Linux Kernel vulnerability causing container escape
This week, Linux maintainers and vendors disclosed a heap overflow vulnerability in the Linux Kernel. The vulnerability has been issued a Common Vulnerability and Exposures ID of CVE-2022-0185 and is rated as a High (7.8) severity. The flaw occurs in the Filesystem Context system when handling legacy parameters. An attacker can leverage this flaw to cause a DDoS, escape container environments, and elevate privileges.
Weekly Cyber Security News 21/01/2022
A selection of this week’s more interesting vulnerability disclosures and cyber security news. For a daily selection see our twitter feed at #ionCube24.
Pandemic-related cyber threats will persist
In 2021, we predicted that pandemic-related threats would continue throughout the year. Hear from Hank Schless, Senior Manager of Security Solutions at Lookout about what we got right and what surprised us. See our 2022 predictions on our newest blog: bit.ly/3pS3rfb
Dark Web Recon: Cybercriminals Fear More Law Enforcement Action in the Wake of the REvil Takedown
In the wake of the takedown of the REvil/Sodinokibi ransomware gang by the Russian Federal Security Service (FSB) on January 14, Eastern-European cybercriminals are feeling the ground shake. In the days following the FSB action, Trustwave SpiderLabs researchers have analyzed a slew of Dark Web chatter and have found that this potential new world is breeding fear in that community.
Why Sumo Logic Cloud SOAR
Modernizing security operations to handle current and evolving threats is critical to the success of every business. Sumo Logic Cloud SOAR is a security orchestration, automation and response solution used by enterprises and MSSPs to reduce incident response time, streamline workflows and boost SOC efficiency.